CVE-2003-1383
WEB-ERP 0.1.4 and earlier are affected by an information-disclosure vulnerability: an HTTP request can retrieve the logicworks.ini file, exposing the MySQL database username and password. Root cause is improper access to the configuration file in the webERP application. Impact is partial confiden...